diff options
author | Tim Yamin <plasmaroo@gentoo.org> | 2004-01-06 20:32:41 +0000 |
---|---|---|
committer | Tim Yamin <plasmaroo@gentoo.org> | 2004-01-06 20:32:41 +0000 |
commit | b83aed3aa6b16c7ea459171dcf71d96a986a0364 (patch) | |
tree | 9c7f59d78a30f91ab7161f8f669cd32d9fd6ed32 /sys-kernel/ia64-sources | |
parent | Closing #35796 (diff) | |
download | gentoo-2-b83aed3aa6b16c7ea459171dcf71d96a986a0364.tar.gz gentoo-2-b83aed3aa6b16c7ea459171dcf71d96a986a0364.tar.bz2 gentoo-2-b83aed3aa6b16c7ea459171dcf71d96a986a0364.zip |
Added patches to adress the security vulnerabilities in bugs #37292 and #37317.
Diffstat (limited to 'sys-kernel/ia64-sources')
-rw-r--r-- | sys-kernel/ia64-sources/ChangeLog | 7 | ||||
-rw-r--r-- | sys-kernel/ia64-sources/Manifest | 10 | ||||
-rw-r--r-- | sys-kernel/ia64-sources/files/digest-ia64-sources-2.4.22-r2 | 2 | ||||
-rw-r--r-- | sys-kernel/ia64-sources/files/ia64-sources.CAN-2003-0985.patch | 13 | ||||
-rw-r--r-- | sys-kernel/ia64-sources/files/ia64-sources.rtc_fix.patch | 180 | ||||
-rw-r--r-- | sys-kernel/ia64-sources/ia64-sources-2.4.22-r1.ebuild | 11 | ||||
-rw-r--r-- | sys-kernel/ia64-sources/ia64-sources-2.4.22-r2.ebuild | 62 | ||||
-rw-r--r-- | sys-kernel/ia64-sources/ia64-sources-2.4.22.ebuild | 10 |
8 files changed, 285 insertions, 10 deletions
diff --git a/sys-kernel/ia64-sources/ChangeLog b/sys-kernel/ia64-sources/ChangeLog index 8f46e41539c2..f832e0f4624f 100644 --- a/sys-kernel/ia64-sources/ChangeLog +++ b/sys-kernel/ia64-sources/ChangeLog @@ -1,6 +1,11 @@ # ChangeLog for sys-kernel/ia64-sources # Copyright 2002-2003 Gentoo Technologies, Inc.; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/ia64-sources/ChangeLog,v 1.6 2003/12/04 23:06:34 plasmaroo Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/ia64-sources/ChangeLog,v 1.7 2004/01/06 20:30:35 plasmaroo Exp $ + + 06 Jan 2004; <plasmaroo@gentoo.org> ia64-sources-2.4.22-r1.ebuild, + ia64-sources-2.4.22-r2.ebuild, ia64-sources-2.4.22.ebuild: + Version bumped to address patches to address the security + vulnerabilities in bugs #37292 and #37317. *ia64-sources-2.4.22-r1 (02 Dec 2003) diff --git a/sys-kernel/ia64-sources/Manifest b/sys-kernel/ia64-sources/Manifest index 5f7285bf07fd..6fcece09ac16 100644 --- a/sys-kernel/ia64-sources/Manifest +++ b/sys-kernel/ia64-sources/Manifest @@ -1,6 +1,10 @@ -MD5 9267aeacfe1c498f485869dc2f85ac51 ChangeLog 989 -MD5 c0fa9845e7778568f452f756bb47e7a9 ia64-sources-2.4.22.ebuild 2184 -MD5 db598b5cd0434d92ae62c837a556e29a ia64-sources-2.4.22-r1.ebuild 2187 +MD5 8a157eff8b0edba6afd4cacc50af72d9 ChangeLog 1226 +MD5 05b8ee7f1a13393c0562d4eb233947c0 ia64-sources-2.4.22.ebuild 2380 +MD5 f2d229d1d9480467b2721ad86ce88cdc ia64-sources-2.4.22-r2.ebuild 2384 +MD5 c7f2256e42646b46301c1a05389e5fe5 ia64-sources-2.4.22-r1.ebuild 2384 MD5 7e2b1e9a14d1cc3052d133b3d6015cde files/digest-ia64-sources-2.4.22 145 +MD5 7e2b1e9a14d1cc3052d133b3d6015cde files/digest-ia64-sources-2.4.22-r2 145 MD5 7e2b1e9a14d1cc3052d133b3d6015cde files/digest-ia64-sources-2.4.22-r1 145 +MD5 e2e2b545b6fcdcecf49e33798efa5b84 files/ia64-sources.rtc_fix.patch 7073 +MD5 d641cd49ae63ca2989672d2209691bb5 files/ia64-sources.CAN-2003-0985.patch 414 MD5 e637c6fa41097ea2c4693d0766f2e1c5 files/do_brk_fix.patch 242 diff --git a/sys-kernel/ia64-sources/files/digest-ia64-sources-2.4.22-r2 b/sys-kernel/ia64-sources/files/digest-ia64-sources-2.4.22-r2 new file mode 100644 index 000000000000..78b743a49a91 --- /dev/null +++ b/sys-kernel/ia64-sources/files/digest-ia64-sources-2.4.22-r2 @@ -0,0 +1,2 @@ +MD5 75dc85149b06ac9432106b8941eb9f7b linux-2.4.22.tar.bz2 29528612 +MD5 ba3fef66e7963d1876c0f27ae3181cc3 linux-2.4.22-ia64-030909.diff.bz2 567208 diff --git a/sys-kernel/ia64-sources/files/ia64-sources.CAN-2003-0985.patch b/sys-kernel/ia64-sources/files/ia64-sources.CAN-2003-0985.patch new file mode 100644 index 000000000000..bacef69f02f8 --- /dev/null +++ b/sys-kernel/ia64-sources/files/ia64-sources.CAN-2003-0985.patch @@ -0,0 +1,13 @@ +--- linux/mm/mremap.c.orig 2004-01-05 17:01:21.382104120 +0000 ++++ linux/mm/mremap.c 2004-01-05 17:15:25.689749848 +0000 +@@ -315,6 +315,10 @@ + old_len = PAGE_ALIGN(old_len); + new_len = PAGE_ALIGN(new_len); + ++ /* Don't allow the degenerate cases */ ++ if (!(old_len | new_len)) ++ goto out; ++ + /* new_addr is only valid if MREMAP_FIXED is specified */ + if (flags & MREMAP_FIXED) { + if (new_addr & ~PAGE_MASK) diff --git a/sys-kernel/ia64-sources/files/ia64-sources.rtc_fix.patch b/sys-kernel/ia64-sources/files/ia64-sources.rtc_fix.patch new file mode 100644 index 000000000000..76a663c6e89d --- /dev/null +++ b/sys-kernel/ia64-sources/files/ia64-sources.rtc_fix.patch @@ -0,0 +1,180 @@ +diff -urN linux-2.4.23/arch/cris/drivers/ds1302.c linux-2.4.24/arch/cris/drivers/ds1302.c +--- linux-2.4.23/arch/cris/drivers/ds1302.c 2003-08-25 04:44:39.000000000 -0700 ++++ linux-2.4.24/arch/cris/drivers/ds1302.c 2004-01-05 05:53:56.000000000 -0800 +@@ -346,6 +346,7 @@ + { + struct rtc_time rtc_tm; + ++ memset(&rtc_tm, 0, sizeof (struct rtc_time)); + get_rtc_time(&rtc_tm); + if (copy_to_user((struct rtc_time*)arg, &rtc_tm, sizeof(struct rtc_time))) + return -EFAULT; +diff -urN linux-2.4.23/arch/cris/drivers/pcf8563.c linux-2.4.24/arch/cris/drivers/pcf8563.c +--- linux-2.4.23/arch/cris/drivers/pcf8563.c 2003-08-25 04:44:39.000000000 -0700 ++++ linux-2.4.24/arch/cris/drivers/pcf8563.c 2004-01-05 05:53:56.000000000 -0800 +@@ -220,6 +220,7 @@ + { + struct rtc_time tm; + ++ memset(&tm, 0, sizeof (struct rtc_time)); + get_rtc_time(&tm); + + if (copy_to_user((struct rtc_time *) arg, &tm, sizeof tm)) { +diff -urN linux-2.4.23/arch/m68k/bvme6000/rtc.c linux-2.4.24/arch/m68k/bvme6000/rtc.c +--- linux-2.4.23/arch/m68k/bvme6000/rtc.c 2003-06-13 07:51:31.000000000 -0700 ++++ linux-2.4.24/arch/m68k/bvme6000/rtc.c 2004-01-05 05:53:56.000000000 -0800 +@@ -54,6 +54,7 @@ + /* Ensure clock and real-time-mode-register are accessible */ + msr = rtc->msr & 0xc0; + rtc->msr = 0x40; ++ memset(&wtime, 0, sizeof(struct rtc_time)); + do { + wtime.tm_sec = BCD2BIN(rtc->bcd_sec); + wtime.tm_min = BCD2BIN(rtc->bcd_min); +diff -urN linux-2.4.23/arch/m68k/mvme16x/rtc.c linux-2.4.24/arch/m68k/mvme16x/rtc.c +--- linux-2.4.23/arch/m68k/mvme16x/rtc.c 2003-06-13 07:51:31.000000000 -0700 ++++ linux-2.4.24/arch/m68k/mvme16x/rtc.c 2004-01-05 05:53:56.000000000 -0800 +@@ -52,6 +52,7 @@ + cli(); + /* Ensure clock and real-time-mode-register are accessible */ + rtc->ctrl = RTC_READ; ++ memset(&wtime, 0, sizeof(struct rtc_time)); + wtime.tm_sec = BCD2BIN(rtc->bcd_sec); + wtime.tm_min = BCD2BIN(rtc->bcd_min); + wtime.tm_hour = BCD2BIN(rtc->bcd_hr); +diff -urN linux-2.4.23/arch/ppc64/kernel/rtc.c linux-2.4.24/arch/ppc64/kernel/rtc.c +--- linux-2.4.23/arch/ppc64/kernel/rtc.c 2003-06-13 07:51:32.000000000 -0700 ++++ linux-2.4.24/arch/ppc64/kernel/rtc.c 2004-01-05 05:53:56.000000000 -0800 +@@ -96,6 +96,7 @@ + switch (cmd) { + case RTC_RD_TIME: /* Read the time/date from RTC */ + { ++ memset(&wtime, 0, sizeof(struct rtc_time)); + ppc_md.get_rtc_time(&wtime); + break; + } +diff -urN linux-2.4.23/drivers/acorn/char/i2c.c linux-2.4.24/drivers/acorn/char/i2c.c +--- linux-2.4.23/drivers/acorn/char/i2c.c 2003-08-25 04:44:40.000000000 -0700 ++++ linux-2.4.24/drivers/acorn/char/i2c.c 2004-01-05 05:53:56.000000000 -0800 +@@ -166,6 +166,7 @@ + break; + + case RTC_RD_TIME: ++ memset(&rtctm, 0, sizeof(struct rtc_time)); + get_rtc_time(&rtc_raw, &year); + rtctm.tm_sec = rtc_raw.secs; + rtctm.tm_min = rtc_raw.mins; +diff -urN linux-2.4.23/drivers/char/ds1286.c linux-2.4.24/drivers/char/ds1286.c +--- linux-2.4.23/drivers/char/ds1286.c 2003-08-25 04:44:41.000000000 -0700 ++++ linux-2.4.24/drivers/char/ds1286.c 2004-01-05 05:53:56.000000000 -0800 +@@ -173,7 +173,7 @@ + * means "don't care" or "match all". Only the tm_hour, + * tm_min, and tm_sec values are filled in. + */ +- ++ memset(&wtime, 0, sizeof(struct rtc_time)); + ds1286_get_alm_time(&wtime); + break; + } +@@ -216,6 +216,7 @@ + } + case RTC_RD_TIME: /* Read the time/date from RTC */ + { ++ memset(&wtime, 0, sizeof(struct rtc_time)); + ds1286_get_time(&wtime); + break; + } +diff -urN linux-2.4.23/drivers/char/efirtc.c linux-2.4.24/drivers/char/efirtc.c +--- linux-2.4.23/drivers/char/efirtc.c 2003-06-13 07:51:32.000000000 -0700 ++++ linux-2.4.24/drivers/char/efirtc.c 2004-01-05 05:53:56.000000000 -0800 +@@ -118,6 +118,7 @@ + static void + convert_from_efi_time(efi_time_t *eft, struct rtc_time *wtime) + { ++ memset(wtime, 0, sizeof(struct rtc_time)); + wtime->tm_sec = eft->second; + wtime->tm_min = eft->minute; + wtime->tm_hour = eft->hour; +diff -urN linux-2.4.23/drivers/char/ip27-rtc.c linux-2.4.24/drivers/char/ip27-rtc.c +--- linux-2.4.23/drivers/char/ip27-rtc.c 2003-08-25 04:44:41.000000000 -0700 ++++ linux-2.4.24/drivers/char/ip27-rtc.c 2004-01-05 05:53:56.000000000 -0800 +@@ -83,6 +83,7 @@ + switch (cmd) { + case RTC_RD_TIME: /* Read the time/date from RTC */ + { ++ memset(&wtime, 0, sizeof(struct rtc_time)); + get_rtc_time(&wtime); + break; + } +diff -urN linux-2.4.23/drivers/char/mips_rtc.c linux-2.4.24/drivers/char/mips_rtc.c +--- linux-2.4.23/drivers/char/mips_rtc.c 2003-08-25 04:44:41.000000000 -0700 ++++ linux-2.4.24/drivers/char/mips_rtc.c 2004-01-05 05:53:56.000000000 -0800 +@@ -82,6 +82,7 @@ + + switch (cmd) { + case RTC_RD_TIME: /* Read the time/date from RTC */ ++ memset(&rtc_tm, 0, sizeof(struct rtc_time)); + curr_time = rtc_get_time(); + to_tm(curr_time, &rtc_tm); + rtc_tm.tm_year -= 1900; +diff -urN linux-2.4.23/drivers/char/rtc.c linux-2.4.24/drivers/char/rtc.c +--- linux-2.4.23/drivers/char/rtc.c 2003-11-28 10:26:20.000000000 -0800 ++++ linux-2.4.24/drivers/char/rtc.c 2004-01-05 05:53:56.000000000 -0800 +@@ -362,7 +362,7 @@ + * means "don't care" or "match all". Only the tm_hour, + * tm_min, and tm_sec values are filled in. + */ +- ++ memset(&wtime, 0, sizeof(struct rtc_time)); + get_rtc_alm_time(&wtime); + break; + } +@@ -406,6 +406,7 @@ + } + case RTC_RD_TIME: /* Read the time/date from RTC */ + { ++ memset(&wtime, 0, sizeof(struct rtc_time)); + get_rtc_time(&wtime); + break; + } +diff -urN linux-2.4.23/drivers/hil/hp_sdc_rtc.c linux-2.4.24/drivers/hil/hp_sdc_rtc.c +--- linux-2.4.23/drivers/hil/hp_sdc_rtc.c 2003-06-13 07:51:33.000000000 -0700 ++++ linux-2.4.24/drivers/hil/hp_sdc_rtc.c 2004-01-05 05:53:56.000000000 -0800 +@@ -561,6 +561,7 @@ + } + case RTC_ALM_READ: /* Read the present alarm time */ + { ++ memset(&ttime, 0, sizeof(struct timeval)); + if (hp_sdc_rtc_read_mt(&ttime)) return -EFAULT; + break; + } +@@ -609,6 +610,7 @@ + } + case RTC_RD_TIME: /* Read the time/date from RTC */ + { ++ memset(&wtime, 0, sizeof(struct rtc_time)); + if (hp_sdc_rtc_read_bbrtc(&wtime)) return -EFAULT; + break; + } +diff -urN linux-2.4.23/drivers/macintosh/rtc.c linux-2.4.24/drivers/macintosh/rtc.c +--- linux-2.4.23/drivers/macintosh/rtc.c 2002-02-25 11:37:58.000000000 -0800 ++++ linux-2.4.24/drivers/macintosh/rtc.c 2004-01-05 05:53:56.000000000 -0800 +@@ -64,6 +64,7 @@ + case RTC_RD_TIME: + if (ppc_md.get_rtc_time) + { ++ memset(&rtc_tm, 0, sizeof(struct rtc_time)); + get_rtc_time(&rtc_tm); + + if (copy_to_user((struct rtc_time*)arg, &rtc_tm, sizeof(struct rtc_time))) +diff -urN linux-2.4.23/drivers/sbus/char/rtc.c linux-2.4.24/drivers/sbus/char/rtc.c +--- linux-2.4.23/drivers/sbus/char/rtc.c 2001-10-10 23:42:47.000000000 -0700 ++++ linux-2.4.24/drivers/sbus/char/rtc.c 2004-01-05 05:53:56.000000000 -0800 +@@ -89,6 +89,7 @@ + switch (cmd) + { + case RTCGET: ++ memset(&rtc_tm, 0, sizeof(struct rtc_time)); + get_rtc_time(&rtc_tm); + + if (copy_to_user((struct rtc_time*)arg, &rtc_tm, sizeof(struct rtc_time))) diff --git a/sys-kernel/ia64-sources/ia64-sources-2.4.22-r1.ebuild b/sys-kernel/ia64-sources/ia64-sources-2.4.22-r1.ebuild index 2351e48bc839..e982d5151320 100644 --- a/sys-kernel/ia64-sources/ia64-sources-2.4.22-r1.ebuild +++ b/sys-kernel/ia64-sources/ia64-sources-2.4.22-r1.ebuild @@ -1,6 +1,6 @@ -# Copyright 1999-2003 Gentoo Technologies, Inc. +# Copyright 1999-2004 Gentoo Technologies, Inc. # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/ia64-sources/ia64-sources-2.4.22-r1.ebuild,v 1.1 2003/12/02 07:38:02 iggy Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/ia64-sources/ia64-sources-2.4.22-r1.ebuild,v 1.2 2004/01/06 20:30:35 plasmaroo Exp $ IUSE="" @@ -40,6 +40,7 @@ KEYWORDS="-* ia64" SLOT="${KV}" src_unpack() { + unpack linux-${OKV}.tar.bz2 cd ${WORKDIR} mv linux-${OKV} linux-${KV} || die "Error moving kernel source tree to linux-${KV}" @@ -48,7 +49,11 @@ src_unpack() { # cat ${DISTDIR}/cset-${MYCSET}.txt.gz | gzip -d | patch -f -p1 [ ! -e ${DISTDIR}/linux-${OKV}-ia64-${MYSNAPSHOT}.diff.bz2 ] && die "patch not found" cat ${DISTDIR}/linux-${OKV}-ia64-${MYSNAPSHOT}.diff.bz2 | bzip2 -d | patch -f -p1 - epatch ${FILESDIR}/do_brk_fix.patch || die "failed to patch for do_brk vuln" + + epatch ${FILESDIR}/do_brk_fix.patch || die "Failed to patch do_brk() vulnerability!" + epatch ${FILESDIR}/${PN}.CAN-2003-0985.patch || die "Failed to patch mremap() vulnerability!" + epatch ${FILESDIR}/${PN}.rtc_fix.patch || die "Failed to patch RTC vulnerabilities!" + kernel_universal_unpack } diff --git a/sys-kernel/ia64-sources/ia64-sources-2.4.22-r2.ebuild b/sys-kernel/ia64-sources/ia64-sources-2.4.22-r2.ebuild new file mode 100644 index 000000000000..b3a45ff9e14e --- /dev/null +++ b/sys-kernel/ia64-sources/ia64-sources-2.4.22-r2.ebuild @@ -0,0 +1,62 @@ +# Copyright 1999-2004 Gentoo Technologies, Inc. +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/ia64-sources/ia64-sources-2.4.22-r2.ebuild,v 1.1 2004/01/06 20:30:35 plasmaroo Exp $ + +IUSE="" + +# OKV=original kernel version, KV=patched kernel version. They can be the same. + +# Kernel ebuilds using the kernel.eclass can remove any patch that you +# do not want to apply by simply setting the KERNEL_EXCLUDE shell +# variable to the string you want to exclude (for instance +# KERNEL_EXCLUDE="evms" would not patch any patches whose names match +# *evms*). Kernels are only tested in the default configuration, but +# this may be useful if you know that a particular patch is causing a +# conflict with a patch you personally want to apply, or some other +# similar situation. + +ETYPE="sources" + +inherit kernel +OKV="`echo ${PV}|sed -e 's:^\([0-9]\+\.[0-9]\+\.[0-9]\+\).*:\1:'`" +EXTRAVERSION="-${PN/-*/}" +[ ! "${PR}" == "r0" ] && EXTRAVERSION="${EXTRAVERSION}-${PR}" +KV="${OKV}${EXTRAVERSION}" + +S=${WORKDIR}/linux-${KV} + +# Documentation on the patches contained in this kernel will be installed +# to /usr/share/doc/gentoo-sources-${PV}/patches.txt.gz + +#MYCSET="1.1063.2.37-to-1.1088" +MYSNAPSHOT="030909" +DESCRIPTION="Full sources for the Gentoo Kernel." +SRC_URI="mirror://kernel/linux/kernel/v2.4/linux-${OKV}.tar.bz2 +mirror://kernel/linux/kernel/ports/ia64/v2.4/linux-${OKV}-ia64-${MYSNAPSHOT}.diff.bz2" + +HOMEPAGE="http://www.gentoo.org/ http://www.kernel.org/" +LICENSE="GPL-2" +KEYWORDS="-* ia64" +SLOT="${KV}" + +src_unpack() { + + unpack linux-${OKV}.tar.bz2 + cd ${WORKDIR} + mv linux-${OKV} linux-${KV} || die "Error moving kernel source tree to linux-${KV}" + cd ${WORKDIR}/linux-${KV} +# [ ! -e ${DISTDIR}/cset-${MYCSET}.txt.gz ] && die "patch file not found" +# cat ${DISTDIR}/cset-${MYCSET}.txt.gz | gzip -d | patch -f -p1 + [ ! -e ${DISTDIR}/linux-${OKV}-ia64-${MYSNAPSHOT}.diff.bz2 ] && die "patch not found" + cat ${DISTDIR}/linux-${OKV}-ia64-${MYSNAPSHOT}.diff.bz2 | bzip2 -d | patch -f -p1 + + epatch ${FILESDIR}/do_brk_fix.patch || die "Failed to patch do_brk() vulnerability!" + epatch ${FILESDIR}/${PN}.CAN-2003-0985.patch || die "Failed to patch mremap() vulnerability!" + epatch ${FILESDIR}/${PN}.rtc_fix.patch || die "Failed to patch RTC vulnerabilities!" + + kernel_universal_unpack +} + +pkg_postinst() { + kernel_pkg_postinst +} diff --git a/sys-kernel/ia64-sources/ia64-sources-2.4.22.ebuild b/sys-kernel/ia64-sources/ia64-sources-2.4.22.ebuild index 751b7f7f77a7..fb566b06abda 100644 --- a/sys-kernel/ia64-sources/ia64-sources-2.4.22.ebuild +++ b/sys-kernel/ia64-sources/ia64-sources-2.4.22.ebuild @@ -1,6 +1,6 @@ -# Copyright 1999-2003 Gentoo Technologies, Inc. +# Copyright 1999-2004 Gentoo Technologies, Inc. # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/ia64-sources/ia64-sources-2.4.22.ebuild,v 1.5 2003/12/02 03:48:50 iggy Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/ia64-sources/ia64-sources-2.4.22.ebuild,v 1.6 2004/01/06 20:30:35 plasmaroo Exp $ IUSE="" @@ -48,7 +48,11 @@ src_unpack() { # cat ${DISTDIR}/cset-${MYCSET}.txt.gz | gzip -d | patch -f -p1 [ ! -e ${DISTDIR}/linux-${OKV}-ia64-${MYSNAPSHOT}.diff.bz2 ] && die "patch not found" cat ${DISTDIR}/linux-${OKV}-ia64-${MYSNAPSHOT}.diff.bz2 | bzip2 -d | patch -f -p1 - epatch ${FILESDIR}/do_brk_fix.patch || die "failed to patch for do_brk vuln" + + epatch ${FILESDIR}/do_brk_fix.patch || die "Failed to patch do_brk() vulnerability!" + epatch ${FILESDIR}/${PN}.CAN-2003-0985.patch || die "Failed to patch mremap() vulnerability!" + epatch ${FILESDIR}/${PN}.rtc_fix.patch || die "Failed to patch RTC vulnerabilities!" + kernel_universal_unpack } |